<html>

<?php require_once '../yubiphpbase/appinclude.php';
require_once '../yubiphpbase/yubi_lib.php';

// Access gate: nothing below runs unless there is a live session that belongs
// to the root administrator. Both failure paths print a message and stop.
$usrid = getUsrIdFromSession();

if ($usrid <= 0) {
    // No valid user id came back from the session lookup.
    echo TIMEDOUT;
    exit;
}

if (!isRootAdm()) {
    // Logged in, but not as root: this page is root-only.
    echo ROOT_ONLY;
    exit;
}

// Authorised: record which tab is selected (4 for this page).
$_SESSION['tab'] = 4;

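include 'head.htm';

// NOTE(review): the Update and Delete actions below change stored data, and no
// anti-CSRF token is checked in this block. Confirm whether appinclude.php
// enforces one; if it does not, the forms on this page should carry a
// per-session token that is verified here before either action runs.

$act = getHttpVal('act', 'find_client');

// The client id is concatenated into SQL and handed to numOfYubikeys() and
// delClient() below, so reduce it to an integer once, up front. A string such
// as "1 OR 1=1" passes a loose `$client > 0` test and would otherwise be
// appended to the WHERE clause verbatim.
$client = (int) getHttpVal('client', -1);

// NOTE(review): $act is logged as received. If writeLog() does not neutralise
// CR/LF, a crafted value could forge extra log lines - confirm.
writeLog('# act='.$act.', client='.$client);

// Strict string comparison: strcmp() yields NULL (== 0) for a non-string
// argument on the PHP versions that still ship mysql_*, which would let an
// array-valued `act` select the Update branch.
if ($act === 'Update' && $client > 0) {

    // active and self_provision are written into the statement unquoted, so
    // they must be integers before they get there.
    $active    = (int) getHttpVal('active', 1);
    $provision = (int) getHttpVal('self_provision', 0);

    // These four go through mysql_quote() below.
    // presumably mysql_quote() both escapes and quotes - verify in yubi_lib.php
    $perm    = getHttpVal('perm', 3);
    $email   = getHttpVal('email', '');
    $chk_sig = getHttpVal('chk_sig', '');
    $notes   = getHttpVal('notes', '');

    $stmt = 'UPDATE clients SET active='.$active.
        ', self_provision='.$provision.
        ', email='.mysql_quote($email).
        ', notes='.mysql_quote($notes).
        ', perm_id='.mysql_quote($perm).
        ', chk_sig='.mysql_quote($chk_sig).
        ' WHERE id='.$client;

    if ($r = query($stmt)) {
        $_SESSION['alert'] = 'Client-'.$client.' updated successfully';
    } else {
        $_SESSION['alert'] = 'Failed to update Client-'.$client.'! '.$contactAdm;
    }

    // After an update, fall through to the single-client view.
    $act = 'find_client';

} else if ($act === 'Delete' && $client > 0) {

    // Refuse to delete a client that still owns Yubikeys.
    $n = numOfYubikeys($client, -1);
    if ($n > 0) {
        $_SESSION['alert'] = 'Client-'.$client.' still has '.$n.' Yubikeys! Re-assign or delete them first.';
    } else {
        if (delClient($client)) {
            $_SESSION['alert'] = 'Client-'.$client.' deleted successfully';
        } else {
            $_SESSION['alert'] = 'Failed to delete Client-'.$client.'! '.$contactAdm;
        }
    }
//	$act = 'find_client';
//	$client = $_SESSION['client'];
    // $act stays 'Delete', so the listing below shows all clients.
    showAlert(getAlert());
}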

// No usable client id so far: fall back to the one held in the session.
if ($client < 0) {
    $client = $_SESSION['client'];
}

// Search criteria and paging offset. The search value defaults to the client
// id chosen above; the offset defaults to the first page.
$attrName = getHttpVal('attr_name', 'client');
$attrVal  = getHttpVal('attr_val', $client);
$start    = getHttpVal('start', 0);

// showClients() prints the table itself and returns the row count.
$recents = showClients($act, $attrName, $start, $attrVal);
if ($recents == 0) {
    echo '<p><h4>Client not found!</h4>';
    exit;
}


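/**
 * Query the clients table and print the result as an HTML table, with the
 * search bar on top and PREV/NEXT paging links underneath.
 *
 * @param string $act      'find_client' restricts the query by $attrName/$attrVal;
 *                         any other value lists all clients.
 * @param string $attrName Search field: 'client' (numeric id) or 'email' (substring).
 * @param int    $start    Row offset for the LIMIT clause.
 * @param mixed  $attrVal  Value to search for.
 * @return int Number of rows the query returned; 0 when the search criteria are
 *             unusable or the query fails.
 */
function showClients($act, $attrName='', $start=0, $attrVal='') {
  // NOTE(review): $attrName and $attrVal are logged as received; confirm that
  // writeLog() neutralises CR/LF so a crafted value cannot forge log lines.
  writeLog('Srch attr: '.$attrName.' act: '.$act.' val:'.$attrVal, true);

  // $start is concatenated into the LIMIT clause and echoed into the paging
  // links, so force it to a non-negative integer before either happens.
  $start = max(0, (int) $start);

  $stmt = 'SELECT * FROM clients';

  if ($act == 'find_client') {
    if ($attrName == 'client' && ctype_digit((string) $attrVal)) {
      // Digits only: is_numeric() would also let floats, exponents and
      // padded strings through into the unquoted WHERE clause.
      $stmt .= ' WHERE id='.(int) $attrVal;
    } else if ($attrName == 'email') {
      // presumably mysql_quote() escapes and quotes the pattern - verify.
      // '%' and '_' inside $attrVal still act as LIKE wildcards.
      $stmt .= ' WHERE email LIKE '.mysql_quote('%'.$attrVal.'%');
    } else {
      return 0;
    }
  } else {
    $act = 'list_clients';
  }

  $stmt .= ' LIMIT ' . $start . ', ' . MAX_PER_PAGE;

  writeLog($stmt, true);
  $r = query($stmt);
  if (!$r) {
    // A failed query leaves nothing to count or fetch; report "no rows"
    // instead of passing a non-result to mysql_num_rows().
    return 0;
  }

  echo '<table border=0 cellspacing=1 cellpadding=1>'.
		'<tr><td valign=top colspan=6 align=left>';

  functionBar($act, $attrName, $attrVal);

  echo '<p></td></tr>';

  $title = '<tr bgcolor=#ADFF2F><th><font size=1>Client<br>ID</th><th><font size=1>Permissions</th>'.
	'<th><font size=1>Active</th><th><font size=1>Self-Provision</th><th><font size=1>Created</th><th><font size=1>Check Signature<br>in Requests</th>'.
	'<th><font size=1>Email</th>';

  if (isRootAdm()) { // root admin
    $title .= '<th><font size=1>Notes</th><th></th>';
  }

  $title .= '</tr>';

  echo $title;

  $n = mysql_num_rows($r);

  // One table row per client; the header row is repeated every 20 rows.
  $i = 0;
  while ($row = mysql_fetch_assoc($r)) {
    displayClient($row, $i % 2);

    if (++$i % 20 == 0) {
      echo $title;
    }
  }

  mysql_free_result($r);
  echo '</table>';

  echo '<br><font color=#008080 size=2><b>Showing ' . $i . ' record(s)</b></font><br><br>';
  echo '<h3><a href=#top>^ TOP</a><center><a name=BOT></a>';
  if ($start > 0) {
    // Previous page, never before the first row.
    $s = max(0, $start - MAX_PER_PAGE);
    echo '<a href=all_clients.php?act=list_clients&start='.$s.'>PREV</a> | ';
  }

  if ($i >= MAX_PER_PAGE-1) {
    echo '<a href=all_clients.php?act=list_clients&start='.($start+MAX_PER_PAGE).'>NEXT</a>';
  }

  echo '</h3></center>';

  return $n;

} // End showClients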


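/**
 * Print one <tr> of the client table: an edit form whose controls are
 * pre-filled from $row, plus Update/Delete buttons for the root admin.
 *
 * Every column value is stored data that ends up inside HTML here, so each one
 * is either cast to an integer or passed through htmlspecialchars() before it
 * is echoed. Without that, markup saved in `email` or `notes` would execute in
 * the browser of the administrator viewing this page.
 *
 * NOTE(review): htmlspecialchars() is called without an explicit charset, so
 * it uses the PHP default - confirm that matches the page encoding.
 * NOTE(review): the earlier header comment said "client id = 0 means the root
 * user"; nothing in this function tests for that.
 *
 * @param array $row    One row of the clients table (from mysql_fetch_assoc()).
 * @param int   $toggle Non-zero shades the row; the caller alternates it.
 */
function displayClient($row, $toggle) {
    // id is used as a number everywhere else on this page (WHERE id=...).
    $client  = (int) $row['id'];
    $email   = htmlspecialchars($row['email'], ENT_QUOTES);
    $notes   = htmlspecialchars($row['notes'], ENT_QUOTES);
    $created = htmlspecialchars($row['created'], ENT_QUOTES);

    echo '<tr'.($toggle ? ' bgcolor=#eeeeee>' : '>');
    echo '<td nowrap valign=top align=center><font size=1>'.
        '<form method=POST action=all_clients.php>'.
        '<input type=hidden name=client value='.$client.'>';
    if (isRootAdm()) {
        if ($client == $_SESSION['client']) {
            echo '<img src=images/yubiright_16x16.gif title="This client is you"><br>';
        } else if (numOfYubikeys($client, -1) < 1) {
            echo '<img src=images/nokey.gif title="The client has no Yubikeys!"><br>';
        }
        echo ' '.makePopupURL('edit_client.php?client='.$client, $client, 500, '#BB0000','Client Info');
    }
    echo '</td>';

    echo '<td align=left>'.
        '<select name=perm>'.
        '<option value="2" '.($row['perm_id']==2 ? 'selected' : '').'>Verify OTP + Manage Yubikeys'.
        '<option value="3" '.($row['perm_id']==3 ? 'selected' : '').'>Verify OTP Only'.
        '</select></td>';

    // The logged-in client is only offered "Active". This is a UI restriction;
    // the Update handler is what has to enforce it, if it must be enforced.
    echo '<td align=center><select name=active>';
    if ($client != $_SESSION['client']) {
        echo '<option value="0" '.($row['active']==0 ? 'selected' : '').'>Inactive'.
             '<option value="1" '.($row['active']==1 ? 'selected' : '').'>Active';
    } else {
        echo '<option value=1>Active';
    }
    echo '</select></td>';

    echo '<td align=center><select name=self_provision>';
    echo '<option value="0" '.($row['self_provision']==0 ? 'selected' : '').'>Disable'.
         '<option value="1" '.($row['self_provision']==1 ? 'selected' : '').'>Enable';
    echo '</select></td>';

    echo '<td align=left><font size=1>' . $created . '</td>';

    echo '<td align=left>'.
        '<select name=chk_sig>'.
        '<option value="0" '.($row['chk_sig']==0 ? 'selected' : '').'>No'.
        '<option value="1" '.($row['chk_sig']==1 ? 'selected' : '').'>Yes'.
        '</select></td>';

    // Escaped with ENT_QUOTES so a quote in the address cannot close value="".
    echo '<td align=left><input name=email size=12 value="' . $email . '"></td>';

    if (isRootAdm()) { // root admin
        // Escaped so a stored "</textarea>" cannot break out of the control.
        echo '<td><textarea name=notes cols=10 rows=2>'.$notes.'</textarea></td>'.
            '<td><input name=act type=submit value=Update class=buttonLinkSmall>&nbsp;'.
            '<input name=act type=submit value=Delete class=buttonLinkSmall>'.
            '</form></td>';
    }

    echo '</tr>';

} // End displayClient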

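/**
 * Print the bar above the client table: a "List All Clients" button and the
 * "Find a Client by" search form.
 *
 * @param string $act      Current action; 'list_clients' marks the list button
 *                         as selected (last argument to divBut()).
 * @param string $attrName Search field currently in use; 'email' pre-selects
 *                         that option, anything else leaves "Client ID".
 * @param mixed  $attrVal  Search value echoed back into the text box.
 */
function functionBar($act, $attrName, $attrVal) {
    global $page;

    // The search value is echoed straight back into an attribute, so it has to
    // be HTML-escaped: a value containing a double quote would otherwise end
    // value="" and inject markup into the page.
    // NOTE(review): no explicit charset is passed - confirm the PHP default
    // matches the page encoding.
    $safeVal = htmlspecialchars($attrVal, ENT_QUOTES);

    echo '<form autocomplete=off method=POST action=all_clients.php>';
    echo '<table border=0>'.
        '<tr><td colspan=9 height=10></td></tr>';

    echo '<tr><td valign=top>';
    divBut(100, $page.'?act=list_clients','List All Clients', strcmp('list_clients',$act) ? false : true);
    echo '</td>';

    echo '<td width=10></td><td valign=top><font color=#008080 size=2><b>' .
            'Find a Client by </b></font>';
    echo '<select name=attr_name><option value=client>Client ID'.
        '<option value=email';
    if ($attrName == 'email') {
        echo ' selected';
    }
    echo '>Email'.
        '</select>';
    echo '</td>'.
        '<td valign=top><font size=1>'.
        '<input name="attr_val" size=20 maxlength=150 class=inputtxt value="'.
        $safeVal.'">'.
        '<input name=act value=find_client type=hidden>'.
        '</td>';

    echo '</tr>';
    echo '</table>';
    echo '</form>';
}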
?>

</body>
</html>
